search

pouchdb / express-pouchdb

⚠️⚠️⚠️ THIS REPO HAS MOVED ⚠️⚠️⚠️
143 stars 52 forks source link

Invalid JSON body makes server crash #159

Closed marten-de-vries closed 9 years ago

marten-de-vries commented 9 years ago

Reported by @Rybadour: 'Agreed, when the body is JSON and it's not perfect the whole server goes down with an error like this:

/home/ryan/projects/websweet/api/node_modules/express-pouchdb/lib/utils.js:53
var rawPath = req.originalUrl.slice(req.baseUrl.length);
^
TypeError: Cannot read property 'length' of undefined
at Object.exports.rawPath (/home/ryan/projects/websweet/api/node_modules/express-pouchdb/lib/utils.js:53:50)
at Array.1 (/home/ryan/projects/websweet/api/node_modules/express-pouchdb/lib/routes/http_log.js:21:31)
at listener (/home/ryan/projects/websweet/api/node_modules/morgan/node_modules/on-finished/index.js:164:15)
at onFinish (/home/ryan/projects/websweet/api/node_modules/morgan/node_modules/on-finished/index.js:95:5)
at callback (/home/ryan/projects/websweet/api/node_modules/morgan/node_modules/on-finished/node_modules/ee-first/index.js:33:10)
at ServerResponse.onevent (/home/ryan/projects/websweet/api/node_modules/morgan/node_modules/on-finished/node_modules/ee-first/index.js:66:5)
at ServerResponse.EventEmitter.emit (events.js:117:20)
at ServerResponse.OutgoingMessage._finish (http.js:1018:8)
at ServerResponse.OutgoingMessage.end (http.js:1001:10)
at ServerResponse.res.end (/home/ryan/projects/websweet/api/node_modules/express-pouchdb/node_modules/compression/index.js:115:15)

That's kinda unacceptable.'

marten-de-vries commented 9 years ago

@Rybadour I'm afraid I can't reproduce this. Could you describe what you're doing (or better yet, provide a curl command that makes express-pouchdb crash?)

The error you're getting doesn't seem json parsing related, it does need 'req.baseUrl' though which was introduced in express 4.3.0. Do you have that? (Upgrade to at least 4.8.0 if not, we use something out of it too).

Rybadour commented 9 years ago

Marten I am currently running express v4.10

The reason I felt this was JSON parsing related was due to the fact that this error only arises when I send a request with "Content-Type: application/json" and a body that isn't perfect JSON.

I'm using the chrome extension Postman to send artificial requests to the server running locally. Specially I am doing a put request to this url: "localhost:3000/db/foo/11" "foo" was already created

Rybadour commented 9 years ago

I tried to create a route to handle the error instead. It seems simply calling next() at least once prior to express-pouchdb handling the request ensures that the server does not crash.

marten-de-vries commented 9 years ago

Thanks! I managed to reproduce this. curl commands:

marten@marten-laptop:~/git/pouchdb-server/bin$ curl -X PUT http://localhost:5985/db
{"ok":true}
marten@marten-laptop:~/git/pouchdb-server/bin$ curl -X POST http://localhost:5985/db -d '{"_id": "foo"}' -H 'Content-Type: application/json'
{"ok":true,"id":"232471af-5055-4d4f-ac9a-64904a263579","rev":"1-1b6b3445636d60aff83d9cd09c8eaf8a"}
marten@marten-laptop:~/git/pouchdb-server/bin$ curl -X PUT http://localhost:5985/db/foo -d '{{' -H 'Content-Type: application/json'
SyntaxError: Unexpected token {<br> &nbsp; &nbsp;at Object.parse (native)<br> &nbsp; &nbsp;at parse (/home/marten/git/express-pouchdb/node_modules/body-parser/lib/types/json.js:76:17)<br> &nbsp; &nbsp;at /home/marten/git/express-pouchdb/node_modules/body-parser/lib/read.js:98:18<br> &nbsp; &nbsp;at IncomingMessage.onEnd (/home/marten/git/express-pouchdb/node_modules/raw-body/index.js:136:7)<br> &nbsp; &nbsp;at IncomingMessage.g (events.js:180:16)<br> &nbsp; &nbsp;at IncomingMessage.EventEmitter.emit (events.js:92:17)<br> &nbsp; &nbsp;at _stream_readable.js:920:16<br> &nbsp; &nbsp;at process._tickCallback (node.js:415:13)
marten@marten-laptop:~/git/pouchdb-server/bin$

Stacktrace:

marten@marten-laptop:~/git/pouchdb-server/bin$ ./pouchdb-server
[info] pouchdb-server has started on http://127.0.0.1:5985/
[info] navigate to http://127.0.0.1:5985/_utils for the Fauxton UI.
[info] PUT /db 201 - 127.0.0.1
[info] POST /db 201 - 127.0.0.1

/home/marten/git/express-pouchdb/lib/utils.js:53
  var rawPath = req.originalUrl.slice(req.baseUrl.length);
                                                 ^
TypeError: Cannot read property 'length' of undefined
    at Object.exports.rawPath (/home/marten/git/express-pouchdb/lib/utils.js:53:50)
    at Array.0 (/home/marten/git/express-pouchdb/lib/routes/http_log.js:21:31)
    at listener (/home/marten/git/express-pouchdb/node_modules/on-finished/index.js:164:15)
    at onFinish (/home/marten/git/express-pouchdb/node_modules/on-finished/index.js:95:5)
    at callback (/home/marten/git/express-pouchdb/node_modules/on-finished/node_modules/ee-first/index.js:33:10)
    at ServerResponse.onevent (/home/marten/git/express-pouchdb/node_modules/on-finished/node_modules/ee-first/index.js:66:5)
    at ServerResponse.EventEmitter.emit (events.js:117:20)
    at ServerResponse.OutgoingMessage._finish (http.js:1018:8)
    at ServerResponse.OutgoingMessage.end (http.js:1001:10)
    at ServerResponse.res.end (/home/marten/git/express-pouchdb/node_modules/compression/index.js:117:15)
marten@marten-laptop:~/git/pouchdb-server/bin$
Rybadour commented 9 years ago

http://pastebin.com/AdBQBw5Z

Sending a request like:

PUT /db/foo/1 HTTP/1.1
Host: localhost:3000
Content-Type: application/json
Accept: application/json
Cache-Control: no-cache

{ "bar": 'baz' }

Results in this response:

SyntaxError: Unexpected token '
   at Object.parse (native)
   at parse (/home/ryan/projects/websweet/api/node_modules/express-pouchdb/node_modules/body-parser/lib/types/json.js:76:17)
   at /home/ryan/projects/websweet/api/node_modules/express-pouchdb/node_modules/body-parser/lib/read.js:98:18
   at IncomingMessage.onEnd (/home/ryan/projects/websweet/api/node_modules/express-pouchdb/node_modules/raw-body/index.js:136:7)
   at IncomingMessage.g (events.js:180:16)
   at IncomingMessage.EventEmitter.emit (events.js:92:17)
   at _stream_readable.js:920:16
   at process._tickCallback (node.js:415:13)

And this error which crashes the server (whole log of the process):

> todo-api@0.0.0 start /home/ryan/projects/websweet/api
> node server.js

PUT /db/foo/1 400 720 - 38.156 ms

/home/ryan/projects/websweet/api/node_modules/express-pouchdb/lib/utils.js:53
  var rawPath = req.originalUrl.slice(req.baseUrl.length);
                                                 ^
TypeError: Cannot read property 'length' of undefined
    at Object.exports.rawPath (/home/ryan/projects/websweet/api/node_modules/express-pouchdb/lib/utils.js:53:50)
    at Array.1 (/home/ryan/projects/websweet/api/node_modules/express-pouchdb/lib/routes/http_log.js:21:31)
    at listener (/home/ryan/projects/websweet/api/node_modules/morgan/node_modules/on-finished/index.js:164:15)
    at onFinish (/home/ryan/projects/websweet/api/node_modules/morgan/node_modules/on-finished/index.js:95:5)
    at callback (/home/ryan/projects/websweet/api/node_modules/morgan/node_modules/on-finished/node_modules/ee-first/index.js:33:10)
    at ServerResponse.onevent (/home/ryan/projects/websweet/api/node_modules/morgan/node_modules/on-finished/node_modules/ee-first/index.js:66:5)
    at ServerResponse.EventEmitter.emit (events.js:117:20)
    at ServerResponse.OutgoingMessage._finish (http.js:1018:8)
    at ServerResponse.OutgoingMessage.end (http.js:1001:10)
    at ServerResponse.res.end (/home/ryan/projects/websweet/api/node_modules/express-pouchdb/node_modules/compression/index.js:115:15)

npm ERR! todo-api@0.0.0 start: `node server.js`
npm ERR! Exit status 8
npm ERR! 
npm ERR! Failed at the todo-api@0.0.0 start script.
npm ERR! This is most likely a problem with the todo-api package,
npm ERR! not with npm itself.
npm ERR! Tell the author that this fails on your system:
npm ERR!     node server.js
npm ERR! You can get their info via:
npm ERR!     npm owner ls todo-api
npm ERR! There is likely additional logging output above.
npm ERR! System Linux 3.13.0-43-generic
npm ERR! command "/usr/local/bin/node" "/usr/local/bin/npm" "start"
npm ERR! cwd /home/ryan/projects/websweet/api
npm ERR! node -v v0.10.26
npm ERR! npm -v 1.4.3
npm ERR! code ELIFECYCLE
npm ERR! 
npm ERR! Additional logging details can be found in:
npm ERR!     /home/ryan/projects/websweet/api/npm-debug.log
npm ERR! not ok code 0

"PUT /db/foo/1 400 720 - 38.156 ms" Was logged by morgan before the request reached express-pouchdb

Thanks for your help, let me know if there is anything else I can provide

marten-de-vries commented 9 years ago

Fixed: fc5e5c87c8f4c5d369036bc7da21f8f0d491709e

Thanks for reporting and all the info, @Rybadour!